I use Ubuntu’s Uncomplicated firewall because it is available on Ubuntu and it's very simple.
if ufw is not installed by default be sure to install it first.
# Tested on QNAP TVS-1282T3 | |
# connect to NAS thru SSH (ssh -p <port> admin@<NAS IP>) | |
ROOTCA=<custom-rootca>.crt | |
cp /share/NFSv\=4/<somewhere>/<custom-rootca>.crt /usr/certs | |
ln -s /usr/certs/$ROOTCA /usr/certs/`openssl x509 -hash -noout -in /usr/certs/$ROOTCA`.0 |
mainly used in start-up script
When we play with iptables aka firewall we might end up in situation, where we execute rule, which has unforseen impact - lock yourself out. Recovering from this situation is necessity.
How to:
- Enable reboot via SMS.
- Test all commands in shell first before putting them into Start-up script. This way the command will be wiped out, when unit is rebooted.
#!/bin/sh | |
# script to automate the creation of chroot jail | |
# w/ minimal executables to run git | |
export CHROOT=/var/chroot | |
function copy_binary() { | |
for i in $(ldd $*|grep -v dynamic|cut -d " " -f 3|sed 's/://'|sort|uniq) | |
do | |
cp --parents $i $CHROOT |
# The goal: create a list of maps of subnet mappings so we don't have to statically hard-code them in aws_lb | |
# https://www.terraform.io/docs/providers/aws/r/lb.html#subnet_mapping | |
locals { | |
# These represent dynamic data we fetch from somewhere, such as subnet IDs and EIPs from a VPC module | |
subnet_ids = ["subnet-1", "subnet-2", "subnet-3"] | |
eips = ["eip-1", "eip-2", "eip-3"] | |
} | |
# Here's the hack! The null_resource has a map called triggers that we can set to arbitrary values. | |
# We can also use count to create a list of null_resources. By accessing the triggers map inside of |
* | |
Author: Ky-Anh Huynh | |
Original script: https://gist.github.com/mikaelz/11b956c3d2e078105a19dd9df70dbf27 | |
Usage: | |
ticker : Your ticker name, eg. ETH-EUR | |
token : A random string otherwise yahoo output may be a bit messy | |
You should have random token on each call! | |
*/ | |
function MyYahooTicker(ticker,token) { | |
var ticker = ticker || "SXR8.DE"; |
This is an investigation into our susceptibility to Slow HTTP Attacks. These attacks take advantage of how typical web servers process requests and employ several strategies to achieve the same result. By keeping connections open longer than normal, they thereby prevent new connections from being opened and the server will either hang or return 503
.
The question is less about whether we are vulnerable, but rather to what extent. Any server can be DoS’d, it’s just a matter of how easy it is to execute.
alias kc='kubectl' | |
alias kclf='kubectl logs --tail=200 -f' | |
alias kcgs='kubectl get service -o wide' | |
alias kcgd='kubectl get deployment -o wide' | |
alias kcgp='kubectl get pod -o wide' | |
alias kcgn='kubectl get node -o wide' | |
alias kcdp='kubectl describe pod' | |
alias kcds='kubectl describe service' | |
alias kcdd='kubectl describe deployment' | |
alias kcdf='kubectl delete -f' |
provider "openstack" { | |
user_name = "calvinh" | |
tenant_name = "canonical_30039" | |
tenant_id = "6a74f3b9a17847588d9fdee581cbb01a" | |
password = <password> | |
auth_url = "https://api-jed1-vdc.bluvalt.com/identity/v3" | |
region = "RegionOne" | |
user_domain_name ="jed1" | |
project_domain_name = "jed1" | |
} |
/** | |
* Retrieves all the rows in the active spreadsheet that contain data and logs the | |
* values for each row. | |
* For more information on using the Spreadsheet API, see | |
* https://developers.google.com/apps-script/service_spreadsheet | |
*/ | |
function readRows() { | |
var sheet = SpreadsheetApp.getActiveSheet(); | |
var rows = sheet.getDataRange(); | |
var numRows = rows.getNumRows(); |